A7 Threat Intelligence Reality Check: Endpoint Detection and Response presented at ThreatIntelligence 2016

by Mark Butler

Summary: Attend this talk to hear how FiServ improved endpoint detection and response capabilities through building a robust threat intelligence program:

1. Before: Historical TI opportunities and challenges, geography, distributed sites
2. During: Mid-deployment benefits, challenges, experiences, immediate TI benefits gained
3. After: Post-deployment TI organizational improvements, visibility enhancements, forensic capabilities, infections over time, software blocking, hunting skills
4. Lessons learned: Design, implementation, operations, forensics, IR and overall visibility to reduce risk. What surprises did we encounter? What would we do differently on the TI front?